Press Release

72% willing to pay after ransomware attack, finds Cohesity

Thu 20 Jul 2023

More than 9 out of 10 security decision makers say cyberthreats have increased, with 72% being willing to pay ransom and use insurance to help recovery. These are the findings from new research commissioned by Cohesity.

Cyberthreats are increasing, capabilities aren’t keeping pace, and ransom payouts and insurance cover the gaps.

As part of a global survey of over 3,400 IT and Security decision makers, 91% of those surveyed in the UK believe that the threat of ransomware attack has increased over the past year. Meanwhile, 39% of respondent’s organisations had been a victim to ransomware in the last six months, showing how this threat continues to blight the industry.

Cyber resiliency plans that enable organisations to anticipate, withstand, recover from and adapt to different types of attack aren’t keeping pace with rising threats.

While over 85% of respondents’ organisations have a cyber resiliency strategy in place, only one in five (23%) have complete confidence in it, and over half (53%) say that it has gaps, could be improved, or they have little confidence in it.

42% say their teams are stretched too thin, while over a third of respondents (38%) say their organisation’s leadership is simply not aware of the importance of cyber resiliency, perhaps explaining why organisations are still failing to invest sufficiently in skilled people and solutions.

In fact, 70% of respondents believe that they currently lack enough skilled workers to respond effectively to a data breach or loss.

“A cyber resiliency strategy that prioritises the ability to recover from a cyber-attack is arguably more important than one that focuses solely on prevention.

“But all the time that companies try to pay their way out of trouble with ransoms, insurance or warranties is throwing money in the wrong direction as this won’t help them recover the data and processes that keep the organisation in business. The gaps aren’t in prevention or even in the workforce, the gaps that need bridging are in the c-suite taking the threats seriously and investing in tools to rapidly recover from attacks,” said James Blake, CISO EMEA at Cohesity.

Data recovery capabilities

Despite these concerns, 95% are confident they can recover data and critical business processes in the event of a data breach or loss. However, 68% said it will be touch and go, or they have limited confidence.

About a third (37%) cited a lack of coordination between IT and security teams as the biggest barrier to getting the organisation back up and running. A similar number (31%) said that lack of a recent clean and immutable copy of data would be their biggest hurdle.

Just over half of respondents (52%) believe they would recover data and business processes in under a week (1-6 days), and a leading 3% believe they could do it in under 24 hours.

Ransoms and insurance payouts

The research by Cohesity suggests that organisations are prepared to pay in order to compensate for some of the gaps in their cyber resiliency. Of those surveyed, only 9% ruled out paying a ransom to recover their data after an attack. 29% would ‘definitely pay’ and 62% would consider it depending on the severity of the attack and cost of ransom.

Likewise, 80% believe that they would be covered by ransomware warranties, contrary to Cohesity’s own investigation of the terms and conditions of many warranties. Similarly, 73% of those surveyed said their organisation has cyber-insurance, but reflecting the industry challenges, almost half (48%) said it was ‘much harder’ or ‘somewhat harder’ to get insurance now than three years ago.

“IT and SecOps must co-own organisations’ cyber resilience outcomes to identify sensitive data and protect, detect, respond, and recover from cyberattacks.

“Relying on traditional backup and recovery systems, which lack modern data security capabilities, in today’s sophisticated cyberthreat landscape is a recipe for disaster. Instead, organisations should seek out data security and management platforms that integrate with their existing cybersecurity solutions and provide visibility into their security posture and improve cyber resilience,” said Brian Spanswick, CISO, Cohesity.

These findings are based on a survey of 500 IT and Security Operations (SecOps) decision-makers (split 50/50 between the two groups) from organisations in the UK.

The global survey comprised over 3,400 respondents from Australia, France, Germany, Japan, New Zealand, UK, and the United States, and will be released in full in late July as part of Cohesity’s Global 2023 State of Data Security & Management Report.

Hungry for more tech news?

Sign up for your weekly tech briefings!

Send us a correction Send us a news tip